Cross-site scripting (XSS) vulnerability in search.php in phpInv 0.8.0 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
CVSS Score
4.3
EPSS Score
0.016
Published
2008-06-13
Directory traversal vulnerability in entry.php in phpInv 0.8.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
CVSS Score
7.5
EPSS Score
0.018
Published
2008-06-13